Personal Identification Number (PIN) Security Tips
How to Create and Remember Secure PINs
A personal identification number (PIN) is a security code for verifying your identity. Similar to a password, your PIN should be kept secret because it allows access to important services such as financial transactions. PINs are used for anything digital and requiring access. This can include communication devices, car locks, home locks, and much more.
Security will always be a concern. Using a secure PIN is crucial to preventing unauthorized access to our information, accounts, and assets.
Because PINs protect much of our information and resources, it’s wise to use a PIN that is difficult to guess. Avoid including the following items in your PIN:
- Simple number sequences like 1234 or 0000 (including repetition: 1122 or 2233)
- Significant dates, such as your birth year or spouse’s birthday
- Any part of your Social Security Number
- Any part of your address or phone number
Longer PINs are safer than shorter PINs. If you use a four-digit PIN, there are 10,000 possible variations (starting with 0000, 0001, 0002, and so on). With a six-digit PIN, there are 1 million possible codes.
Longer PINs work well because it takes more attempts to guess them. Most security systems lock your account after a set number of attempts. This ensures it is harder for thieves and computer programs to successfully guess your PIN.
Keep It Secret, but Accessible
Because the PIN authorizes you to access sensitive information, it's fundamental to keep the number secret. Protect it, and never write it on your ATM or debit card.
Hide PIN entry: When you enter your PIN at an ATM or cash register, cover the keypad with your free hand so that nobody can see what you type in. Thieves can install hidden cameras on ATMs and other devices (like gas pumps) for recording PINs. If you want to be extra safe, touch some of the other keys after you enter your PIN to thwart heat-sensitive cameras and other tactics.
Re-use: PINs can be hard to remember—especially if you have multiple cards. This creates a challenging situation: Strong security measures are harder to use. As a result, you may be tempted to take shortcuts like re-using the same PIN. Re-using PINs across multiple accounts and cards is not as secure as one PIN per account and card.
Password managers: If you have multiple PINs, it may be helpful to have a record of each PIN and account. Password managers are useful tools for doing this.
Methods to Create Secure PINs
Creating a memorable PIN can be difficult. Using a PIN strategy can make it easier to create one you can remember.
Strategy #1: The Word Method
One way to create and remember a PIN is to create it from a word.
Think of the numbers and letters on a telephone keypad. Have you ever used the "dial-by-name" option to find somebody in a company's phone directory? Using the same concept, you can base your PIN on a word, making it easier to remember.
For example, the word "word" converts to the PIN 9673 (the W is on the 9, the O is on the 6, and so on).
Strategy #2: The Random Date Method
Another way to create and remember a good PIN is to use a date unrelated to you in any way.
Strategy #3: The Cellphone Friend Method
Your mobile phone probably has dozens or hundreds of contacts.
Add a new fake contact, and hide your PIN within that contact's phone number. For example, if your PIN is 1212, you can add the phone number 555-123-1212 (but use a local-looking phone number—not the fictitious 555 area code). This makes use of the concept of “hiding in plain sight.”
If you choose this method, be sure to look up the PIN before getting to the ATM as a safety precaution.
Strategy #4: The Addition Method
Another way to randomize your PIN is to add numbers to a number that you know well. For example, you might add one to each number of the base PIN. If you start with "5481," you add one to each end position and end up with "6482."
What If You Don't Know Your PIN?
If you don’t know your PIN, you might need to request one from your financial institution. In some cases, you do not get to choose your initial PIN—your service provider mails a PIN to you separately from any cards (in case your card gets stolen from the mail).
You typically have the option to change your PIN, and you might be required to do so. However, some banks allow you to choose your PIN yourself as your card is printed.
When you lose or forget your PIN, you’ll need to reset it. That may require waiting on an email, a mailed document, a visit to your bank, or a call to your security manager.
Whichever method you choose to secure your PIN, always remember to protect it.